package com.example.controller;


import com.example.entity.SysUser;
import com.example.entity.vo.UserVO;
import com.example.service.SysUserService;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import java.util.List;

/**
 * (SysUser)表控制层
 *
 * @author makejava
 * @since 2022-04-11 22:35:27
 */
@RestController
@RequestMapping("/sysUser")
//如果使用 @PreAuthorize("hasRole('ROLE_ADMIN')")需要在类的头部加上@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableGlobalMethodSecurity(prePostEnabled = true) //打开权限验证
public class SysUserController{
    /**
     * 服务对象
     */
    @Resource
    private SysUserService sysUserService;


    @PreAuthorize("hasRole('admin')")
    @GetMapping("/admin")
    public String hello() {
        return "hello admin";
    }

    @PreAuthorize("hasRole('normal')")
    @GetMapping("/userInfo")
    public UserVO test() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        System.out.println(authentication.getName());
        return sysUserService.getSysUser(authentication.getName());
    }

    @PreAuthorize("hasRole('admin')")
    @GetMapping("/list")
    public List<SysUser> list() {
        return sysUserService.list();
    }
}

